Restricted Project Artifacts Accessible to Certain Users
CVE-2024-4811

2.2LOW

Key Information:

Vendor: Octopus Deploy
Status: Octopus Server
Vendor: CVE Published:; 25 July 2024

🔔 Create Octopus Deploy Vulnerability Alert

What is CVE-2024-4811?

In affected versions of Octopus Server under certain conditions, a user with specific role assignments can access restricted project artifacts.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Octopus Server Windows 2023.1 < 2023.4.8608

Octopus Server Windows 2024.1 < 2024.1.12759

Octopus Server Windows 2024.2 < 2024.2.9193

References

https://advisories.octopus.com/post/2024/sa2024-05/

CVSS V3.1

Score:

2.2

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 25, 2024
Vulnerability Reserved
May 13, 2024

JSON

Octopus Deploy